Encrypt the Master Key

If you have not previously encrypted the master key on a firewall, use the following procedure to encrypt it. Use this procedure for first time encryption of a key, or if you define a new master key and you want to encrypt it. If you want to refresh the encryption on a previously encrypted key, see Refresh the Master Key Encryption.
  1. Select DeviceMaster Key and Diagnostics.
  2. Specify the key that is currently used to encrypt all of the private keys and passwords on the firewall in the Master Key field.
  3. If changing the master key, enter the new master key and confirm.
  4. Select the HSM check box.
    • Life Time—The number of days and hours after which the master key expires (range 1-730 days).
    • Time for Reminder—The number of days and hours before expiration when the user is notified of the impending expiration (range 1–365 days).
  5. Click OK.

Related Documentation